CloudSploit is a security and configuration scanner that can detect hundreds of threats in your AWS account.
CloudSploit provides SaaS solutions that utilize secure, cross-account IAM roles to connect to the APIs of customer accounts, scanning for potential security risks and misconfigurations. These risks cover a breadth of AWS services, including IAM, ELB, EC2, RDS, S3, CloudTrail, and ConfigService. Each scan report contains detailed information about the risk type, affected resources, and remediation steps.
The move from traditional infrastructure to cloud providers like Amazon Web Services introduces a host of new security challenges for organizations of all sizes. Cloud providers handle the physical and network security, while the customer is responsible for designing, launching, and maintaining secure environments within that cloud platform. Amazon Web Services alone has thousands of configuration options and security settings across its suite of products. CloudSploit provides hosted software that continually audits these settings across all of a customer's accounts, producing reports that outline potential security risks and misconfigurations. CloudSploit's product helps DevOps, management, security, and legal teams maintain a secure and compliant cloud infrastructure environment.
CloudSploit currently scores 72/100 in the Cyber & Data Security category. This is based on user satisfaction (100/100), press buzz (41/100), recent user trends (falling), and other relevant information on CloudSploit gathered from around the web.
The score for this software has declined over the past month. What is this? |
Editors' Review by the Cyber & Data Security Software Review Team
CloudSploit is a cloud security monitoring and auditing solution designed to audit the configuration status of services within different IaaS accounts for errors that may have security implications.
CloudSploit is a feature-rich online security management solution that caters to the cloud security needs of small- and medium-sized enterprises (SMEs) as well as startups. It offers a wide variety of security functions and capabilities, including endpoint management, IP protection, intrusion detection, behavioral analytics, and vulnerability management.
CloudSploit is also an open-source, automated cloud security and configuration scanner tailored for maintaining as well as monitoring a cloud infrastructure environment on AWS, ensuring that the infrastructure-as-a-service (IaaS) is always secure and compliant. The software helps businesses audit and analyze their AWS security by providing users with key features such as auditing tools, on-demand scanning, results archiving and searching, risk alerts, downloadable reports, region heatmaps, and email summaries.
The cloud security and monitoring tool’s primary function is to audit the configuration status of services in the company’s IaaS accounts, whether they’re using Azure, AWS, or any other cloud infrastructure services. The tool looks for potential misconfigurations that may lead to serious security breaches and compliance issues. It monitors every single activity in the user’s accounts to detect insider threats and suspicious behavior, all in real time.
CloudSploit is tailored to support a variety of clouds and services, including Amazon Web Services (AWS), Oracle, Google Cloud Platform (GCP), and Azure public clouds. Nearly all services from both AWS and Azure are supported by CloudSploit, while the Oracle and GCP beta platforms remain under active development. The following are some of the main features of CloudSploit:
CloudSploit’s application programming interface (API) gives users the ability to access its powerful scanning engine from anywhere at any time. The cloud security auditing and monitoring tool’s built-in API can provide users access to all of its features through its robust RESTful interface. For example, they can enable automation by calling the API from the command line, via scripts, or through build systems such as AWS CodeBuild, Jenkins, or CircleCI.
To enable granular permissions, users can simply access the read/write controls to provide each API key with its specific permissions within the account to maximize the level of security. CloudSploit also automatically keeps audit logs on every API activity. The CloudSploit API will keep track of each API call made, for auditing purposes and to ensure accountability.
CloudSploit features a built-in scanner for CloudFormation security checks. Users can easily scan their CloudFormation templates for more than 95 security risks within seconds. The best part is that the scan is completely free for all CloudSploit accounts. The scanner is capable of performing multiple security checks across more than 40 resource types, covering almost every AWS product. It can be used as a preventative tool, giving users the ability to identify risks and implement secure solutions before launching the infrastructure.
The AWS CloudFormation, for instance, enables repeatable, versioned, and automated infrastructure described as code. That particular code can then be scanned and checked for potential security vulnerabilities before it goes live or gets implemented. CloudSploit also supports plugin-based scans, allowing new security checks to be added as AWS continues to incorporate more resources into CloudSploit’s CloudFormation scanning system.
CloudSploit’s compliance scanning tool is a relatively new addition to its feature set, and it’s already capable of detecting cloud compliance violations in just seconds. Just like the CloudFormation security check, CloudSploit’s compliance scans are also free.
This particular feature works by breaking down the common compliance frameworks into individual, actionable checks. This enables the system to quickly identify potential compliance violations from thousands of resources across a multitude of cloud storage accounts. CloudSploit gives its users the option to enroll their cloud accounts in a compliance framework that is most applicable to their business requirements. This will add an extra layer of security and ensure better compliance.
CloudSploit’s compliance feature also provides clean and concise reports. The tool marks every compliance control as either passing or failing, so users will immediately know at a glance. But if they’re looking for more details, they can drill into the results to access the information they need, including the affected resources for quick and efficient remediation.
CIS, or Center for Internet Security Benchmarking, is another new feature from CloudSploit, and it works perfectly well with the compliance scanning feature. This feature lets users audit their cloud services and storage accounts for compliance with specific controls from the Center for Internet Security Benchmarks.
CloudSploit’s continuous CIS Benchmark auditing feature provides scan reports that include mappings to the more popular CIS Benchmark controls. This enables users to properly assess the integrity and security of their cloud accounts based on the principles and best practices defined by CIS. CloudSploit is certified by CIS for a wide variety of profiles, including AWS Foundations v1.2.0, levels 1 and 2, Microsoft Azure Foundations v1.1.0, levels 1 and 2, as well as Google Cloud Platform Foundations v1.0.0, levels 1 and 2.
CloudSploit is designed to seamlessly integrate with a variety of well-known monitoring services, some of which most businesses and teams may already be using within their technology stack. This includes Slack, OpsGenie, PagerDuty, Microsoft Teams, Amazon SNS, Splunk, and several email services.
The CloudSploit Events feature works by connecting with the user’s AWS event stream. It will then analyze AWS API calls in real time and look for potential security risks. CloudSploit links up with the AWS event bus through CloudWatch Events. If it detects a potential threat or risk, the user will be alerted within 30 seconds.
CloudSploit Events is smart and configurable. With complete access to thousands of event streams at any given time, the cloud security monitoring and auditing solution can identify and respond to any number of suspicious activities on a global scale. Users are also provided with the ability to customize the risk level, trusted IP addresses, and acceptable behavior and activity to make sure that the results are custom-fit to their cloud accounts.
CloudSploit’s main benefits are the ability to automate adherence to cloud security best practices, fix potential issues, and re-evaluate them, as well as the ability to empower developers and chief information security officers (CISOs). The following covers these benefits in more detail:
CloudSploit’s main function is to audit the services and configuration options that cloud providers such as Azure and AWS offer to identify and flag the weak points in the user’s current cloud infrastructure. For those who are aware, AWS and Azure combined have hundreds of services with thousands of configuration options. Finding weak points and vulnerabilities in that kind of environment without the aid of a tool like CloudSploit would be next to impossible.
CloudSploit automates adherence to cloud security best practices by automatically checking key aspects of the cloud service infrastructure. This includes checking servers that are exposed publicly to the internet, unencrypted data storage services and devices, the lack of least-privilege policies, misconfigured backup and restore settings, poor password policies, or the lack of multi-factor authentication (MFA), as well as data exposure and privilege escalation.
Finding potential security risks and issues is just one-half of the core function of any good security solution. The other half is resolving the identified issue and then re-evaluating the findings to make sure that it doesn’t happen again. With CloudSploit, every scan report contains detailed remediation steps so users will understand the full extent of the problem and the steps that were taken to fix it.
The cloud security monitoring and auditing solution ensures that after fixing the problem, users will be able to continuously reassess the event to find opportunities for improvements.
CloudSploit was created by professionals with expertise in cloud security. These cloud security professionals also have the appropriate skills and knowledge in all aspects of the business, from chief information security officers (CISOs) to developers.
With all their expertise and knowledge, they came up with a cloud security monitoring and auditing solution that is powered by an open-source code scanning engine and a full-featured RESTful API. The solution boasts seamless third-party integrations and centralized dashboards capable of supporting thousands of cloud accounts. CloudSploit also provides users with high-level reporting tools and data exporting capabilities.
Pricing information for CloudSploit is not publicly available. Interested parties must contact the vendor directly through their website.
CloudSploit is available as a free subscription for startups and non-profit organizations Interested parties can visit the vendor’s website for more details about the offer, how it works, and how to get it.
CloudSploit is a feature-rich cloud security monitoring and auditing solution powered by an open-source, automated security and configuration scanning engine. It works to monitor and maintain cloud infrastructure environments from different cloud service providers, like AWS, Microsoft Azure, and Google Cloud Platform, making sure that they are secure and compliant.
CloudSploit serves SMEs, as well as startups and non-profit organizations. It provides end-to-end cloud security solutions such as intrusion detection, IP protection, endpoint management, behavioral analytics, and vulnerability management.
Anyone responsible for the security of an Amazon Web Services (AWS) account.
Amazon Web Services (AWS)
Amazon Web Services (AWS)
Yes
Automated Amazon Web Services (AWS) security and configuration monitoring.
Yes
Yes
Yes